ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
CVE-2026-42826 - Azure DevOps Information Disclosure Vulnerability
CVE ID :CVE-2026-42826 Published : May 7, 2026, 8:59 p.m. | 1 hour, 21 minutes ago Description :None Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timel
CVE-2026-35428 - Azure Cloud Shell Spoofing Vulnerability
CVE ID :CVE-2026-35428 Published : May 7, 2026, 8:58 p.m. | 1 hour, 21 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeli
CVE-2026-33823 - Microsoft Team Events Portal Information Disclosure Vulnerability
CVE ID :CVE-2026-33823 Published : May 7, 2026, 8:58 p.m. | 1 hour, 22 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeli
CVE-2026-33844 - Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
CVE ID :CVE-2026-33844 Published : May 7, 2026, 8:58 p.m. | 1 hour, 22 minutes ago Description :None Severity: 9.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeli
New Ivanti EPMM 0-Day Vulnerability Actively Exploited in Attacks
Ivanti has issued a critical security advisory for its Endpoint Manager Mobile (EPMM) product, disclosing multiple actively exploited vulnerabilities, including CVE-2026-6973, and urging all on-premises EPMM customers to
CVE-2026-5788 - Ivanti EPMM Improper Access Control Remote Code Execution
CVE ID :CVE-2026-5788 Published : May 7, 2026, 4:16 p.m. | 4 hours, 4 minutes ago Description :An Improper Access Control in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthentica
New Cisco Network Vulnerability Let Remote Attacker Cause DoS Attack
Cisco has issued a critical security advisory regarding a high-severity vulnerability impacting its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO). Tracked formally as CVE-2026-20188 with a CV
WatchGuard Agent Vulnerabilities Let Attackers Grant Full SYSTEM Privileges on Windows
WatchGuard has released urgent security updates to address multiple high-severity vulnerabilities affecting the WatchGuard Agent on Windows. The most critical of these flaws allows authenticated local attackers to escala
Critical Redis Vulnerabilities Enables Remote Code Execution Attacks
Five dangerous vulnerabilities in Redis expose Redis Cloud, Redis Software, and all open-source community editions to potential remote code execution, giving authenticated attackers a direct path to compromise affected s
Palo Alto Networks firewall zero-day exploited for nearly a month
Palo Alto Networks warned customers that suspected state-sponsored hackers have been exploiting a critical-severity PAN-OS firewall zero-day vulnerability for nearly a month. [...]
Critical vm2 Node.js Library Vulnerabilities Enables Arbitrary Code Execution Attacks
VM2 has been hit by 11 critical vulnerabilities, putting countless applications that rely on it at risk of executing untrusted code. Affecting all versions up to 3.11.1, each flaw provides attackers with a clear path out
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been disclosed in the vm2 Node.js library that could be exploited by bad actors to break out of the sandbox and execute arbitrary code on susceptible systems. vm2 is an open
CVE-2024-3273
Currently trending CVE - Hype Score: 2 - ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unkn
CVE-2026-44114 - OpenClaw < 2026.4.20 - Environment Variable Namespace Collision via Workspace dotenv
CVE ID :CVE-2026-44114 Published : May 6, 2026, 8:16 p.m. | 2 hours, 4 minutes ago Description :OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace d
Critical vm2 sandbox bug lets attackers execute code on hosts
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]
Argo CD’s ServerSideDiff Vulnerability Enables Kubernetes Secret Extraction
A critical cybersecurity vulnerability has been uncovered in Argo CD, a widely used declarative GitOps continuous delivery tool for Kubernetes environments. Tracked as CVE-2026-43824, this high-severity flaw allows low-p
New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials
A critical security flaw has been discovered in Fanwei E-cology10, a widely used enterprise collaboration platform built for medium and large organizations. The vulnerability, tracked as QVD-2026-14149, allows attackers
Apache fixes critical HTTP/2 double-free flaw CVE-2026-23918 enabling RCE
Apache fixed several flaws in HTTP Server, including CVE-2026-23918 (CVSS score of 8.8), a double-free bug in HTTP/2 that could allow remote code execution. The Apache Software Foundation has released updates to fix mult
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in attacks. [...]
Palo Alto Networks PAN-OS flaw exploited for remote code execution
Palo Alto Networks warns of a critical PAN-OS flaw (CVE-2026-0300) that is under active attack, allowing unauthenticated remote code execution. Palo Alto Networks has warned that a critical PAN-OS vulnerability, tracked